SQL injection attack detection method and system based on large language model

By using data preprocessing, hint engineering, instruction fine-tuning, and label mapping based on a large language model, a dedicated model suitable for SQL injection attack detection is constructed, solving the problems of high false positive rate and insufficient detection performance, and achieving more efficient SQL injection attack detection.

CN122160085APending Publication Date: 2026-06-05INSPUR SOFTWARE TECH CO LTD +1

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Applications(China)
Current Assignee / Owner
INSPUR SOFTWARE TECH CO LTD
Filing Date
2026-01-12
Publication Date
2026-06-05

AI Technical Summary

Technical Problem

Existing SQL injection attack detection methods suffer from high false positive rates and insufficient detection performance.

Method used

A detection method based on a large language model is adopted, and a dedicated model suitable for detecting SQL injection attacks is constructed through data preprocessing, hint engineering, instruction fine-tuning and label mapping.

Benefits of technology

It significantly reduced the false positive rate of SQL injection attack detection and significantly improved detection performance.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure CN122160085A_ABST
    Figure CN122160085A_ABST
Patent Text Reader

Abstract

The application discloses a SQL injection attack detection method and system based on a large language model, belongs to the technical field of network security, and aims to solve the technical problem of how to reduce the false positive rate of SQL injection attack detection and improve the detection performance. The method comprises the following steps: obtaining a standardized data set by preprocessing, deleting duplicate samples, deleting empty samples, URL decoding and deleting redundant spaces; constructing prompt text suitable for the large language model; connecting the samples of the standardized data set to the input part of the prompt text, splicing the expected output to the output part of the prompt text to form a fine-tuning data set, and fine-tuning the large language model through the LoRA technology; obtaining the response output by the large language model, and converting the response into a standardized detection label according to a pre-defined label mapping rule.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This invention relates to the field of network security technology, specifically to a method and system for detecting SQL injection attacks based on a large language model. Background Technology

[0002] Structured Query Language (SQL) is a standardized programming language for database management and is currently the most widely used database language. However, attackers can bypass application filtering mechanisms by inserting malicious SQL commands into the query strings of web forms, URLs, or page requests, thereby illegally tampering with or destroying data in the database. This type of attack is called SQL injection, which poses a serious threat to cyberspace security. Current SQL injection attack detection methods are divided into rule-based detection methods and machine learning-based detection methods, depending on the algorithm used.

[0003] Rule-based detection methods involve manually analyzing SQL injection attack samples to summarize and extract a series of rules, which are then used to filter inputs to determine if they constitute SQL injection attacks. This method strictly adheres to the specified rules, allowing attackers to bypass detection by adding distractors or replacing keywords, ultimately rendering the detection system ineffective.

[0004] Machine learning-based detection methods learn features from a large number of samples and build classifiers to detect unknown SQL injection attacks. However, in real network scenarios, this method will produce a large number of false positives, causing the identification of genuine SQL injection attacks to be interfered with by a large number of false positives of legitimate requests.

[0005] How to reduce the false positive rate of SQL injection attack detection and improve detection performance is a technical problem that needs to be solved. Summary of the Invention

[0006] The technical objective of this invention is to address the above-mentioned shortcomings by providing a method and system for detecting SQL injection attacks based on a large language model, thereby solving the technical problem of how to reduce the false positive rate of SQL injection attack detection and improve detection performance.

[0007] This invention provides a method for detecting SQL injection attacks based on a large language model, comprising the following steps: Data preprocessing: Obtain the Kaggle public dataset as the benchmark dataset for SQL injection attack detection, and preprocess the benchmark dataset by removing duplicate samples, empty samples, URL decoding, and redundant spaces to obtain a standardized dataset. The standardized dataset includes SQL injection attack samples and non-SQL injection attack samples. Prompt Engineering: Constructing prompt texts adapted to large language models, which provide context and task requirements, and control the generation style and output mode; Instruction fine-tuning: Samples from the standardized dataset are connected to the input part of the prompt text, and the expected output is concatenated to the output part of the prompt text to form a fine-tuning dataset. Based on the fine-tuning dataset, the large language model is fine-tuned using LoRA technology. The expected output of SQL injection attack samples is Yes, and the expected output of non-SQL injection attack samples is No. Label Mapping: Obtain the responses output by the large language model and convert them into standardized detection labels according to predefined label mapping rules. The label mapping rules are as follows: responses containing the keywords Yes, True, and 1 are mapped to the SQL injection attack class; responses containing the keywords No, False, and 0 are mapped to the non-SQL injection attack class; and other responses are mapped to the unknown class. Unknown class responses indicate that the large language model does not understand the instruction semantics and indicate alignment failure.

[0008] Preferably, the prompt text includes four parts: description, instruction, input, and output, with each part separated by a predetermined symbol; The description is used to guide a large language model to build tasks based on instructions and generate responses as outputs based on the tasks and inputs; The instructions are divided into task prompts, example prompts, and answer prompts by analyzing SQL injection attack samples. The task prompts guide the large language model to pay attention to the URL in the input part and detect whether the URL contains SQL injection attack patterns. The example prompts are used to show typical SQL injection attack patterns. The answer prompts are used to guide the large language model to select Yes or No as the response. The input is a sample URL to be tested; The output is used to indicate the end of the prompt and guide the large language model to generate a response.

[0009] As a preferred approach, when fine-tuning a large language model using LoRA technology, the weight parameters of the large language model are frozen, an additional network layer is added to the side of the large language model, and only the parameters of the newly added network layer are trained. The original output of the large language model is summed with the output of the newly added network layer to obtain the final model output. The parameters of the newly added network layer are optimized through iterative training on the fine-tuning dataset. After training is completed, a dedicated large language model adapted to the SQL injection attack detection task is obtained.

[0010] Preferably, when fine-tuning instructions, the LoRA technique is orthogonal to other fine-tuning methods.

[0011] Secondly, the present invention provides an SQL injection attack detection system based on a large language model, comprising a data preprocessing module, a prompting engineering module, an instruction fine-tuning module, and a label mapping module; The data preprocessing module is used to perform the following: obtain the Kaggle public dataset as the benchmark dataset for SQL injection attack detection, and preprocess the benchmark dataset by removing duplicate samples, empty samples, URL decoding, and redundant spaces to obtain a standardized dataset, which includes SQL injection attack samples and non-SQL injection attack samples. The prompting engineering module is used to perform the following: build prompt text adapted to a large language model, wherein the prompt text is used to provide context and task requirements, and control the generation style and output mode; The instruction fine-tuning module is used to perform the following: inputting samples from the standardized dataset into the input part of the prompt text, and concatenating the expected output into the output part of the prompt text to form a fine-tuning dataset. Based on the fine-tuning dataset, the large language model is fine-tuned using LoRA technology. The expected output of SQL injection attack samples is Yes, and the expected output of non-SQL injection attack samples is No. The label mapping module is used to perform the following: obtain the responses output by the large language model, and convert the responses into standardized detection labels according to predefined label mapping rules. The label mapping rules are as follows: responses containing the keywords Yes, True, and 1 are mapped to the SQL injection attack class; responses containing the keywords No, False, and 0 are mapped to the non-SQL injection attack class; and other responses are mapped to the unknown class. Unknown class responses indicate that the large language model does not understand the instruction semantics and indicate alignment failure.

[0012] Preferably, the prompt text includes four parts: description, instruction, input, and output, with each part separated by a predetermined symbol; The description is used to guide a large language model to build tasks based on instructions and generate responses as outputs based on the tasks and inputs; The instructions are divided into task prompts, example prompts, and answer prompts by analyzing SQL injection attack samples. The task prompts guide the large language model to pay attention to the URL in the input part and detect whether the URL contains SQL injection attack patterns. The example prompts are used to show typical SQL injection attack patterns. The answer prompts are used to guide the large language model to select Yes or No as the response. The input is a sample URL to be tested; The output is used to indicate the end of the prompt and guide the large language model to generate a response.

[0013] As a preferred approach, when fine-tuning a large language model using LoRA technology, the weight parameters of the large language model are frozen, an additional network layer is added to the side of the large language model, and only the parameters of the newly added network layer are trained. The original output of the large language model is summed with the output of the newly added network layer to obtain the final model output. The parameters of the newly added network layer are optimized through iterative training on the fine-tuning dataset. After training is completed, a dedicated large language model adapted to the SQL injection attack detection task is obtained.

[0014] Preferably, the instruction fine-tuning module supports LoRA technology orthogonal to other fine-tuning methods.

[0015] The SQL injection attack detection method and system based on a large language model of the present invention have the following advantages: 1. Relying on the powerful semantic understanding capabilities of large language models, the false positive rate of SQL injection attack detection can be greatly reduced; 2. Compared with the more advanced SQL injection attack detection methods currently available, this method has a significant improvement in detection performance. Attached Figure Description

[0016] To more clearly illustrate the technical solutions in the embodiments of the present invention, the drawings used in the description of the embodiments or the prior art will be briefly introduced below. Obviously, the drawings described below are only some embodiments of the present invention. For those skilled in the art, other drawings can be obtained based on these drawings without creative effort.

[0017] The invention will be further described below with reference to the accompanying drawings.

[0018] Figure 1 This is a flowchart of an SQL injection attack detection method based on a large language model, as shown in Example 1. Figure 2 Example diagram of a tag mapping method for detecting SQL injection attacks based on a large language model, as shown in Example 1. Detailed Implementation

[0019] The present invention will be further described below with reference to the accompanying drawings and specific embodiments, so that those skilled in the art can better understand and implement the present invention. However, the embodiments are not intended to limit the present invention. In the absence of conflict, the embodiments of the present invention and the technical features in the embodiments can be combined with each other.

[0020] This invention provides a method and system for detecting SQL injection attacks based on a large language model, which addresses the technical problem of how to reduce the false positive rate of SQL injection attack detection and improve detection performance. Example

[0021] This invention provides a method for detecting SQL injection attacks based on a large language model, such as... Figure 1 The process includes four steps: data preprocessing, prompting engineering, instruction fine-tuning, and label mapping.

[0022] Step S100 Data Preprocessing: Obtain the Kaggle public dataset as the benchmark dataset for SQL injection attack detection, and preprocess the benchmark dataset by removing duplicate samples, empty samples, URL decoding, and redundant spaces to obtain a standardized dataset. The standardized dataset includes SQL injection attack samples and non-SQL injection attack samples.

[0023] In this embodiment, the prompt text includes four parts: description, instruction, input, and output, each separated by a predetermined symbol. The description guides the large language model to construct a task based on the instruction and generate a response as output based on the task and input. The instruction is divided into task prompts, example prompts, and answer prompts by analyzing SQL injection attack samples. The task prompt guides the large language model to focus on the URL in the input part and detect whether the URL contains an SQL injection attack pattern. The example prompt is used to demonstrate typical SQL injection attack patterns. The answer prompt guides the large language model to select Yes or No as the response. The input is the URL sample to be detected. The output is used to mark the end of the prompt and guide the large language model to generate a response.

[0024] The data preprocessing section transforms the original dataset into a form suitable for model fine-tuning. To evaluate the effectiveness of this invention, the publicly available Kaggle dataset is used as the benchmark dataset. This dataset is widely used in the field of SQL injection attack detection and contains 30,873 samples, divided into SQL injection attack and non-SQL injection attack categories. The original dataset may contain missing values, outliers, noise, or data imbalance. Data preprocessing steps can improve the quality of the samples. Targeting the characteristics of SQL injection attack samples, the preprocessing mainly employs four steps: deleting duplicate samples, deleting empty samples, URL decoding, and deleting redundant spaces.

[0025] Step S200: Prompt Engineering: Construct prompt text adapted to the large language model. The prompt text is used to provide context and task requirements, and to control the generation style and output mode.

[0026] Unlike traditional machine learning models, large language models generate responses entirely through prompts. A prompt is a descriptive text that provides specific context and task requirements, while controlling the generation style and output format. Effective prompt design can improve the model's response quality and accuracy. Therefore, it is necessary to construct appropriate prompts to drive the large language model to complete the SQL injection attack detection task. This embodiment references OpenAI's prompt design document and Stanford's Alpaca fine-tuning document, and considers that fine-tuning and inference should use the same prompt. This prompt consists of four parts: description, instruction, input, and output, separated by the "###" symbol to help the large language model distinguish different functional areas. The description guides the model to construct the task based on the instruction and generate the response as output based on the task and input. The instruction is the core of the entire prompt. By analyzing a large number of SQL injection attack samples, the instruction is divided into task prompts, example prompts, and answer prompts. Task prompts guide the model to prioritize the URL in the input part and detect whether it contains SQL injection attack patterns. Example prompts show some possible attack patterns, such as embedding special fields 'OR', '1=1', excessive use of special characters, etc. Answer prompts guide the model to choose "Yes" or "No" as the answer. The input is a sample URL to be tested. The output indicates the end of the test and guides the model to generate a response.

[0027] Step S300 Fine-tuning: Input the samples from the standardized dataset into the input part of the prompt text, and concatenate the expected output into the output part of the prompt text to form a fine-tuning dataset. Based on the fine-tuning dataset, fine-tune the large language model using LoRA technology. The expected output of the SQL injection attack sample is Yes, and the expected output of the non-SQL injection attack sample is No.

[0028] During instruction fine-tuning, LoRA technology is orthogonal to other fine-tuning methods. When fine-tuning a large language model using LoRA technology, the weight parameters of the large language model are frozen, an additional network layer is added to the side of the large language model, and only the parameters of the newly added network layer are trained. The original output of the large language model is summed with the output of the newly added network layer to obtain the final model output. The parameters of the newly added network layer are optimized by iterative training through the fine-tuning dataset. After training is completed, a dedicated large language model adapted to the SQL injection attack detection task is obtained.

[0029] Large language models currently lack universal solutions for specialized domains such as cybersecurity. Fine-tuning is a method to adapt large language models to specific tasks. Instruction fine-tuning mimics human learning patterns, using simple task definitions and corresponding examples to effectively guide the large language model to understand task requirements and obtain the expected output. First, the expected output is concatenated to the prompt output to construct fine-tuning data. This paper specifies that the expected output for SQL injection attack samples is "Yes," and the expected output for non-SQL injection attack samples is "No." Then, LoRA technology is used to fine-tune the model based on the fine-tuning data. LoRA freezes the large language model's weight parameters during fine-tuning, adds extra network layers in the bypass loop, and only changes the parameters of these newly added network layers. Finally, the output of the large language model is summed with the output of the extra network layers to obtain the final output. The performance of the model fine-tuned using LoRA is comparable to that of a fully fine-tuned model, and this method is orthogonal to other fine-tuning methods, allowing for combined use. After completing the above steps, a specialized large language model for SQL injection attack detection can be obtained.

[0030] Step S400: Label Mapping: Obtain the responses output by the large language model and convert them into standardized detection labels according to predefined label mapping rules. The label mapping rules are as follows: responses containing the keywords Yes, True, and 1 are mapped to the SQL injection attack class; responses containing the keywords No, False, and 0 are mapped to the non-SQL injection attack class; and other responses are mapped to the unknown class. Unknown class responses indicate that the large language model does not understand the instruction semantics and indicate alignment failure.

[0031] After inference, the large language model outputs a response in natural language form, which needs to be mapped to corresponding labels. However, due to the randomness of the large language model's output, even when applying the expected responses "Yes" or "No" during model fine-tuning, there is still a certain probability of outputting unexpected responses. To reduce the impact of unexpected responses on the experiment while obtaining detection labels, a series of label mappings were constructed, mapping responses containing these keywords to corresponding labels, as shown in Table 1. Responses containing the keywords "Yes," "True," and "1" are mapped to the SQL injection attack class, while responses containing the keywords "No," "True," and "0" are mapped to the non-SQL injection attack class. Specifically, for other responses output by the large language model, this invention considers them to have failed to understand the instruction semantics, indicating alignment failure, and classifies them as unknown. Example of label mapping: Figure 2 As shown, the response is mapped to the corresponding label, and the detection result is obtained.

[0032] Table 1: Correspondence between keywords and mapping tags Keywords Mapping tags Yes, True, 1 SQL injection attack class No, False, 0 Non-SQL injection attack types other unknown The method in this embodiment relies on the powerful semantic understanding capabilities of large language models to reduce the false positive rate; by utilizing prompting engineering and instruction fine-tuning techniques, it has a significant improvement in detection performance compared to the more advanced SQL injection attack detection methods currently available. Example

[0033] This invention discloses an SQL injection attack detection system based on a large language model, comprising a data preprocessing module, a prompting engineering module, an instruction fine-tuning module, and a label mapping module.

[0034] The data preprocessing module is used to perform the following: obtain the Kaggle public dataset as the benchmark dataset for SQL injection attack detection, and preprocess the benchmark dataset by removing duplicate samples, empty samples, URL decoding, and redundant spaces to obtain a standardized dataset, which includes SQL injection attack samples and non-SQL injection attack samples.

[0035] In this embodiment, the prompt text includes four parts: description, instruction, input, and output, each separated by a predetermined symbol. The description guides the large language model to construct a task based on the instruction and generate a response as output based on the task and input. The instruction is divided into task prompts, example prompts, and answer prompts by analyzing SQL injection attack samples. The task prompt guides the large language model to focus on the URL in the input part and detect whether the URL contains an SQL injection attack pattern. The example prompt is used to demonstrate typical SQL injection attack patterns. The answer prompt guides the large language model to select Yes or No as the response. The input is the URL sample to be detected. The output is used to mark the end of the prompt and guide the large language model to generate a response.

[0036] The data preprocessing module transforms the raw dataset into a form suitable for model fine-tuning. To evaluate the effectiveness of this invention, the publicly available Kaggle dataset is used as the benchmark dataset. This dataset is widely used in the field of SQL injection attack detection and contains 30,873 samples, divided into SQL injection attack and non-SQL injection attack categories. The raw dataset may contain missing values, outliers, noise, or data imbalance. Data preprocessing steps can improve the quality of the samples. Targeting the characteristics of SQL injection attack samples, the preprocessing module mainly employs four steps: deleting duplicate samples, deleting empty samples, URL decoding, and deleting redundant spaces.

[0037] The prompting engineering module is used to perform the following: build prompt text adapted to a large language model, wherein the prompt text is used to provide context and task requirements, and control the generation style and output mode.

[0038] Unlike traditional machine learning models, large language models generate responses entirely through prompts. A prompt is a descriptive text that provides specific context and task requirements, while controlling the generation style and output format. Effective prompt design can improve the model's response quality and accuracy. Therefore, it is necessary to construct appropriate prompts to drive the large language model to complete the SQL injection attack detection task. This embodiment references OpenAI's prompt design document and Stanford's Alpaca fine-tuning document, and considers that fine-tuning and inference should use the same prompt. This prompt consists of four parts: description, instruction, input, and output, separated by the "###" symbol to help the large language model distinguish different functional areas. The description guides the model to construct the task based on the instruction and generate the response as output based on the task and input. The instruction is the core of the entire prompt. By analyzing a large number of SQL injection attack samples, the instruction is divided into task prompts, example prompts, and answer prompts. Task prompts guide the model to prioritize the URL in the input part and detect whether it contains SQL injection attack patterns. Example prompts show some possible attack patterns, such as embedding special fields 'OR', '1=1', excessive use of special characters, etc. Answer prompts guide the model to choose "Yes" or "No" as the answer. The input is a sample URL to be tested. The output indicates the end of the test and guides the model to generate a response.

[0039] The instruction fine-tuning module is used to perform the following: inputting samples from the standardized dataset into the input part of the prompt text, and concatenating the expected output into the output part of the prompt text to form a fine-tuning dataset. Based on the fine-tuning dataset, the large language model is fine-tuned using LoRA technology. The expected output of SQL injection attack samples is Yes, and the expected output of non-SQL injection attack samples is No.

[0040] The instruction fine-tuning module supports LoRA technology and is orthogonal to other fine-tuning methods. When fine-tuning a large language model using LoRA technology, the weight parameters of the large language model are frozen, an additional network layer is added to the side of the large language model, and only the parameters of the newly added network layer are trained. The original output of the large language model is summed with the output of the newly added network layer to obtain the final model output. The parameters of the newly added network layer are optimized through iterative training using the fine-tuning dataset. After training is completed, a dedicated large language model adapted for SQL injection attack detection tasks is obtained.

[0041] Large language models currently lack universal solutions for specialized domains such as cybersecurity. Fine-tuning is a method to adapt large language models to specific tasks. Instruction fine-tuning mimics human learning patterns, using simple task definitions and corresponding examples to effectively guide the large language model to understand task requirements and obtain the expected output. First, the expected output is concatenated to the prompt output to construct fine-tuning data. This paper specifies that the expected output for SQL injection attack samples is "Yes," and the expected output for non-SQL injection attack samples is "No." Then, LoRA technology is used to fine-tune the model based on the fine-tuning data. LoRA freezes the large language model's weight parameters during fine-tuning, adds extra network layers in the bypass loop, and only changes the parameters of these newly added network layers. Finally, the output of the large language model is summed with the output of the extra network layers to obtain the final output. The performance of the model fine-tuned using LoRA is comparable to that of a fully fine-tuned model, and this method is orthogonal to other fine-tuning methods, allowing for combined use. After completing the above steps, a specialized large language model for SQL injection attack detection can be obtained.

[0042] The label mapping module is used to perform the following: obtain the responses output by the large language model, and convert the responses into standardized detection labels according to predefined label mapping rules. The label mapping rules are as follows: responses containing the keywords Yes, True, and 1 are mapped to the SQL injection attack class; responses containing the keywords No, False, and 0 are mapped to the non-SQL injection attack class; and other responses are mapped to the unknown class. Unknown class responses indicate that the large language model does not understand the instruction semantics and indicate alignment failure.

[0043] The large language model outputs a response after inference. This response is in the form of natural language and needs to be mapped to a corresponding label. However, due to the randomness of the large language model's output, even when applying the expected responses "Yes" or "No" during model fine-tuning, there is still a certain probability of outputting unexpected responses. To reduce the impact of unexpected responses on the experiment while obtaining detection labels, a series of label mappings were constructed, mapping responses containing these keywords to corresponding labels, as shown in Table 1. Responses containing the keywords "Yes," "True," and "1" are mapped to the SQL injection attack class, while responses containing the keywords "No," "True," and "0" are mapped to the non-SQL injection attack class. Specifically, for other responses output by the large language model, this invention considers them to have failed to understand the instruction semantics, indicating alignment failure, and classifies them as unknown. The responses are mapped to their corresponding labels, yielding the detection results.

[0044] The system in this embodiment can execute the method disclosed in Embodiment 1 to detect SQL injection attacks.

[0045] The SQL injection attack detection method and system based on a large language model provided by the present invention have been described in detail above. Specific examples have been used to illustrate the principles and implementation methods of the present invention. The description of the above embodiments is only for the purpose of helping to understand the method and core ideas of the present invention. At the same time, for those skilled in the art, there will be changes in the specific implementation methods and application scope based on the ideas of the present invention. Therefore, the content of this specification should not be construed as a limitation of the present invention.

Claims

1. A method for detecting SQL injection attacks based on a large language model, characterized in that, Includes the following steps: Data preprocessing: Obtain the Kaggle public dataset as the benchmark dataset for SQL injection attack detection, and preprocess the benchmark dataset by removing duplicate samples, empty samples, URL decoding, and redundant spaces to obtain a standardized dataset. The standardized dataset includes SQL injection attack samples and non-SQL injection attack samples. Prompt Engineering: Constructing prompt texts adapted to large language models, which provide context and task requirements, and control the generation style and output mode; Instruction fine-tuning: Samples from the standardized dataset are connected to the input part of the prompt text, and the expected output is concatenated to the output part of the prompt text to form a fine-tuning dataset. Based on the fine-tuning dataset, the large language model is fine-tuned using LoRA technology. The expected output of SQL injection attack samples is Yes, and the expected output of non-SQL injection attack samples is No. Label Mapping: Obtain the responses output by the large language model and convert them into standardized detection labels according to predefined label mapping rules. The label mapping rules are as follows: responses containing the keywords Yes, True, and 1 are mapped to the SQL injection attack class; responses containing the keywords No, False, and 0 are mapped to the non-SQL injection attack class; and other responses are mapped to the unknown class. Unknown class responses indicate that the large language model did not understand the instruction semantics, indicating alignment failure.

2. The SQL injection attack detection method based on a large language model according to claim 1, characterized in that, The prompt text consists of four parts: description, instruction, input, and output, which are separated by predefined symbols. The description is used to guide a large language model to build tasks based on instructions and generate responses as outputs based on the tasks and inputs; The instructions are divided into task prompts, example prompts, and answer prompts by analyzing SQL injection attack samples. The task prompts guide the large language model to pay attention to the URL in the input part and detect whether the URL contains SQL injection attack patterns. The example prompts are used to show typical SQL injection attack patterns. The answer prompts are used to guide the large language model to select Yes or No as the response. The input is a sample URL to be tested; The output is used to indicate the end of the prompt and guide the large language model to generate a response.

3. The SQL injection attack detection method based on a large language model according to claim 1, characterized in that, When fine-tuning a large language model using LoRA technology, the weight parameters of the large language model are frozen, an additional network layer is added to the side of the large language model, and only the parameters of the newly added network layer are trained. The original output of the large language model is summed with the output of the newly added network layer to obtain the final model output. The parameters of the newly added network layer are optimized by iterative training through the fine-tuning dataset. After training is completed, a dedicated large language model adapted to the SQL injection attack detection task is obtained.

4. The SQL injection attack detection method based on a large language model according to claim 1, characterized in that, When fine-tuning instructions, the LoRA technique is orthogonal to other fine-tuning methods.

5. A SQL injection attack detection system based on a large language model, characterized in that, It includes a data preprocessing module, a prompting engineering module, an instruction fine-tuning module, and a label mapping module; The data preprocessing module is used to perform the following: obtain the Kaggle public dataset as the benchmark dataset for SQL injection attack detection, and preprocess the benchmark dataset by removing duplicate samples, empty samples, URL decoding, and redundant spaces to obtain a standardized dataset, which includes SQL injection attack samples and non-SQL injection attack samples. The prompting engineering module is used to perform the following: build prompt text adapted to a large language model, wherein the prompt text is used to provide context and task requirements, and control the generation style and output mode; The instruction fine-tuning module is used to perform the following: inputting samples from the standardized dataset into the input part of the prompt text, and concatenating the expected output into the output part of the prompt text to form a fine-tuning dataset. Based on the fine-tuning dataset, the large language model is fine-tuned using LoRA technology. The expected output of SQL injection attack samples is Yes, and the expected output of non-SQL injection attack samples is No. The label mapping module is used to perform the following: obtain the responses output by the large language model, and convert the responses into standardized detection labels according to predefined label mapping rules. The label mapping rules are as follows: responses containing the keywords Yes, True, and 1 are mapped to the SQL injection attack class; responses containing the keywords No, False, and 0 are mapped to the non-SQL injection attack class; and other responses are mapped to the unknown class. Unknown class responses indicate that the large language model does not understand the instruction semantics and indicate alignment failure.

6. The SQL injection attack detection system based on a large language model according to claim 5, characterized in that, The prompt text consists of four parts: description, instruction, input, and output, which are separated by predefined symbols. The description is used to guide a large language model to build tasks based on instructions and generate responses as outputs based on the tasks and inputs; The instructions are divided into task prompts, example prompts, and answer prompts by analyzing SQL injection attack samples. The task prompts guide the large language model to pay attention to the URL in the input part and detect whether the URL contains SQL injection attack patterns. The example prompts are used to show typical SQL injection attack patterns. The answer prompts are used to guide the large language model to select Yes or No as the response. The input is a sample URL to be tested; The output is used to indicate the end of the prompt and guide the large language model to generate a response.

7. The SQL injection attack detection system based on a large language model according to claim 5, characterized in that, When fine-tuning a large language model using LoRA technology, the weight parameters of the large language model are frozen, an additional network layer is added to the side of the large language model, and only the parameters of the newly added network layer are trained. The original output of the large language model is summed with the output of the newly added network layer to obtain the final model output. The parameters of the newly added network layer are optimized by iterative training through the fine-tuning dataset. After training is completed, a dedicated large language model adapted to the SQL injection attack detection task is obtained.

8. The SQL injection attack detection system based on a large language model according to claim 5, characterized in that, The instruction fine-tuning module supports LoRA technology and is orthogonal to other fine-tuning methods.